The attached PDF file launches the Reader and Acrobat attack, and specially crafted code within the file targets the vulnerability and attempts to download malware-serving Trojans.

“We have started seeing a small number of targeted samples in Sophos Labs of attackers trying to use this vulnerability in email attachments. The emails are well crafted and look very believable,” said Sophos Senior Security Advisor Chester Wisniewski.

Adobe has been working to address the flaw with an out-of-cycle security fix scheduled to arrive some time in the coming week.